WIRELESS PACKET ANALYZER TOOL WITH IP TRACEROUTE


H. Abdul Rauf, Dean (CSE/IT), V.L.B. Janakiammal College of Engineering & Technology, Coimbatore
A. Ebenezer Jeyakumar, Principal, Government College of Engineering, Salem

ABSTRACT

The ability to characterize IP traffic and understand how and where it flows is critical for network availability, performance, security and troubleshooting. Monitoring IP traffic flows facilitates more accurate capacity planning and ensures that resources are used appropriately in support of organizational goals. It helps to determine where to apply Quality of Service (QoS) and to optimize resource usage, and it plays a vital role in network security by detecting Denial-of-Service (DoS) attacks, network-propagated worms, and other undesirable network events. The proposed Wireless Packet Analyzer Tool (WPAT) facilitates solutions to many common Wi-Fi threats encountered by wireless networks, such as DoS attacks, mis-associated systems from neighboring premises and rogue APs. The attacks were simulated in an experimental set-up and WPAT was tested for the required performance. A scheme that effectively and efficiently combines detection, defense, and traceback may significantly enhance performance and mitigate false positives. WPAT is used to identify a new IP address, and its route is traced by the IP Traceback tool. The route contains details such as the total number of hops, the time taken for each hop in milliseconds and the IP addresses of the intermediate routers. The traced route is used for plotting the graph.

Keywords: Denial-of-Service, Wireless Packet Analyzer Tool, IP Traceback.

1 INTRODUCTION

The rapid increase in the use of computers, coupled with the exponential growth of the Internet, has also had ramifications on the growth of crime. Effective tools are required that can analyze and monitor network traffic and can also keep up with growing bandwidth speeds.
Such monitoring tools help network administrators in evaluating and diagnosing performance problems with servers, the network, hubs and applications. Careful and judicious monitoring of data flowing across the network can help detect and prevent crime and protect intellectual property as well as the privacy of individuals. Network monitoring tools can monitor the network at various levels of the network stack. Some tools monitor only at the MAC layer, whereas others can also monitor the network layer. Some tools extend to the application level as well. Only a limited number of tools attempt to monitor by filtering on the content of applications. Network monitoring tools are mostly sniffers, optionally coupled with filtering and post-processing tools. This paper discusses the mechanics of the proposed Wireless Packet Analyzer Tool, which is a post-processing tool coupled to an already available sniffer.

IP Traceback is the process of identifying the actual source of attack packets. It helps in mitigating DoS attacks by isolating the identified attack sources. IP Traceback is a challenging problem because of the distributed, anonymous nature of DDoS attacks, the stateless nature of the Internet, destination-oriented IP routing and the fact that millions of hosts are connected to the Internet. All these factors help attackers to stay behind the scenes and hence complicate the process of traceback.

The remainder of the paper is organized as follows: Section (2) details the theory and background of the paper. Section (3) focuses on the Network Monitoring Tool. Section (4) describes the IP Traceback Tool and its graphical output. Section (5) gives the conclusion and future scope of the paper.

Volume 3 Number 3 Page 161

2 BACKGROUND

Carnivore (Smith 2000) is a tool developed by the Federal Bureau of Investigation (FBI). This tool was developed for the sole purpose of directed surveillance, and it can capture packets based on a wide range of application-layer criteria. It functions through wire-taps across gateways and Internet Service Providers (ISPs). Carnivore is also capable of monitoring networks based on dynamic IP addresses. The capabilities for string searches in application-level content seem limited in this package. It can also capture messages to and from a specific user's account and all network traffic to and from a specific user or IP address. It can also capture headers for various protocols.

PickPacket (Neeraj 2002; Pande and Sanghi 2005) is a monitoring tool similar to Carnivore. This tool can filter packets across the levels of the Open Systems Interconnection (OSI) network stack for selected applications. Criteria for filtering can be specified for the network layer and the application layer. It also supports real-time searching for text strings in application and packet content. The criteria for selecting packets in PickPacket can be specified at several layers of the protocol stack. The filtering component of this tool does not inject any IP packets onto the network. Once the IP packets have been selected based on these criteria, they are dumped to permanent storage. The tool has been demonstrated to work over a 100 Mbps link. The extensibility and modular design of PickPacket make it more general: it can be used as a simple tcpdump-like application and can also be extended to become an intrusion detection tool.

Cisco Netflow Tool (2007) identifies new application network loads such as VoIP or remote site additions. This tool uses NetFlow statistics to measure WAN traffic improvement from application-policy changes and to understand who is utilizing the network and who the network top talkers are.
It helps diagnose slow network performance, bandwidth hogs and bandwidth utilization quickly with a command line interface or reporting tools. It also has facilities to avoid costly upgrades by identifying the applications causing congestion. NetFlow can be used for anomaly detection and worm diagnosis. It confirms that appropriate bandwidth has been allocated to each Class of Service (CoS) and that no CoS is over- or under-subscribed.

3 WIRELESS PACKET ANALYSER TOOL

Network monitoring tools are often called sniffers. Network sniffers are software applications, often bundled with hardware devices, that are used for eavesdropping on network traffic. Sniffers usually provide some form of protocol-level analysis that allows them to decode the data flowing across the network, according to the needs of the user. This analysis is often done on a packet-by-packet basis, as data flows in the network in packets. Sniffing programs have traditionally been used to help manage and administer networks. Recently, sniffers have also found use with law enforcement agencies for gathering intelligence and helping in crime prevention and detection. Typically such programs can be used for evaluating and diagnosing network-related problems, debugging applications, rendering captured data, network intrusion detection and network traffic logging.

3.1 Design and Development

Sniffers normally dump the packets that they capture directly to disk. These packets usually require post-capture processing to render them human readable. Most sniffers provide post-processing and rendering tools. Sniffers that provide statistics about the captured data, with the sole purpose of helping network managers diagnose and evaluate performance problems with servers, the network media, switches and applications, are usually called network monitoring tools. Traditionally such tools set up alerts on various events, show trends of network traffic over a time period and maintain some history information.
Each packet that is forwarded within a router or switch is examined for a set of IP packet attributes. These attributes are the IP packet identity or fingerprint of the packet and determine if the packet is unique or similar to other packets. Traditionally, an IP flow is based on a set of seven and up to nine IP packet attributes. The IP packet attributes used by WPAT are IP source address, IP destination address, source port, destination port, protocol type, packet size, and date and time of packet flow. All packets with the same source/destination IP address, source/destination ports, protocol interface and class of service are grouped into a flow, and then packets and bytes are tallied. This methodology of fingerprinting or determining a flow is scalable because a large amount of network information is condensed into a database. This flow information is extremely useful for understanding network behavior:

- Source address allows the understanding of who is originating the traffic
- Destination address tells who is receiving the traffic
- Ports characterize the application utilizing the traffic
- Tallied packets and bytes show the amount of traffic
- Flow timestamps help to understand the life of a flow; timestamps are useful for calculating packets and bytes per second

The WPAT software creates real-time or historical reports from the captured data. The proposed wireless packet analyzer tool (WPAT), shown in Figure 1, links with the packet sniffer tool and updates with all packets already captured by the sniffer tool every 30 seconds. The sniffer tool is set to capture the raw packets and store them in text format. The proposed WPAT links to the captured data and displays the data as shown in Figure 1. The analyzer tool displays another two windows, one showing the sum of packet flow between the starting time and ending time of capture and the other showing the enterprise network intruder. The sum of packet flow gives consolidated details about packets captured in any time period, and further analysis of the data can be made by selecting any source IP and clicking the packet flow details button shown in Figure 1. The results shown in Table 1 come from the report produced by the Packet Flow Details button.

3.2 Implementation

The implementation is done using the experimental set-up shown in Figure 2. A honeypot system is also implemented using the same experimental set-up. The experiments were carried out several times until satisfactory results were obtained. A sniffer tool is used to capture the raw packets from the network and is connected to the database. The sniffer tool is set to capture the packets flowing through the specified system.

3.3 Experiment 1 - To Study the Packet Flow Information

The experiment is conducted using the experimental set-up shown in Figure 2. Initially packets are generated from various clients and sent to a honeypot server which is placed in the Enterprise premises as shown in Figure 2. A data set is generated and a valid stream is transmitted from the clients to the wireless honeypot server.
The data received by the honeypot server is captured using a sniffing tool and linked to the database. The graphs shown in Figure 3 to Figure 6 are obtained by selecting any IP address in the "packet flow between starting time of capture to ending time" window and using the report produced by the graphs button. Likewise, graphs for any source IP address can be displayed if any abnormality is noticed in the packet flow. These graphs show a clear picture of the packet flow from any source IP address to the honeypot server system. The enterprise master button is used to enter the IP address, the MAC address and the system name permitted to be used inside the enterprise premises.

Figure 1. Wireless Packet Analyzer Tool
Figure 2. Experimental Set-up and IP Connected

Figure 3 shows packets generated from the update client and sent to the honeypot_server as a valid stream. Likewise, Figure 4 shows packets generated from the update1 client and sent to the honeypot_server as a valid stream. Similar valid streams generated from update4 and update5wireless_client were sent to the honeypot_server. Table 1 shows the captured data over a period of time. Figure 3 and Figure 4 show graphs of the packets transmitted from the update and update1 clients over a period of time.
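The flow grouping of section 3.1 and the permitted-system list entered through the enterprise master button, as an added example (not WPAT's own code): packets are keyed on source/destination address, ports and protocol, tallied, rated per second, and each source is checked against the list. The capture layout, addresses, MAC addresses, system names and the MAC comparison are assumptions constructed for illustration.

```python
from collections import namedtuple
from datetime import datetime

Packet = namedtuple("Packet", "ts proto src_ip src_mac sport dst_ip dport size")

# Constructed sniffer text output. Column layout (an assumption, not WPAT's format):
# date time protocol src_ip src_mac src_port dst_ip dst_port size_bytes
SAMPLE_CAPTURE = """\
2024-01-05 10:32:01 TCP 192.0.2.11 02:00:00:00:00:11 1045 192.0.2.1 80 120
2024-01-05 10:32:03 TCP 192.0.2.11 02:00:00:00:00:11 1045 192.0.2.1 80 480
2024-01-05 10:32:05 TCP 192.0.2.11 02:00:00:00:00:11 1045 192.0.2.1 80 600
2024-01-05 10:32:02 UDP 192.0.2.12 02:00:00:00:00:12 5353 192.0.2.1 53 90
2024-01-05 10:32:04 TCP 192.0.2.66 02:00:00:00:00:66 2201 192.0.2.1 80 1500
2024-01-05 10:32:04 TCP 192.0.2.66 02:00:00:00:00:66 2201 192.0.2.1 80 1500
2024-01-05 10:32:05 TCP 192.0.2.66 02:00:00:00:00:66 2201 192.0.2.1 80 1500
2024-01-05 10:32:06 TCP 192.0.2.12 02:00:00:00:00:99 4000 192.0.2.1 80 64
not a packet line
"""

# Constructed "enterprise master" list: permitted IP -> (MAC address, system name).
PERMITTED = {
    "192.0.2.11": ("02:00:00:00:00:11", "client_a"),
    "192.0.2.12": ("02:00:00:00:00:12", "client_b"),
}


def parse_capture(text):
    """Parse capture lines into Packets; count malformed lines instead of failing."""
    packets, rejected = [], 0
    for line in text.splitlines():
        f = line.split()
        try:
            if len(f) != 9:
                raise ValueError("wrong field count")
            ts = datetime.strptime(f[0] + " " + f[1], "%Y-%m-%d %H:%M:%S")
            packets.append(Packet(ts, f[2], f[3], f[4].lower(),
                                  int(f[5]), f[6], int(f[7]), int(f[8])))
        except ValueError:
            rejected += 1
    return packets, rejected


def aggregate_flows(packets):
    """Group packets by (src, dst, sport, dport, proto); tally packets and bytes."""
    flows = {}
    for p in packets:
        key = (p.src_ip, p.dst_ip, p.sport, p.dport, p.proto)
        flow = flows.setdefault(
            key, {"packets": 0, "bytes": 0, "first": p.ts, "last": p.ts})
        flow["packets"] += 1
        flow["bytes"] += p.size
        flow["first"] = min(flow["first"], p.ts)
        flow["last"] = max(flow["last"], p.ts)
    return flows


def flow_rates(flow):
    """Return (packets/s, bytes/s); a flow shorter than one second counts as 1 s."""
    life = max((flow["last"] - flow["first"]).total_seconds(), 1.0)
    return flow["packets"] / life, flow["bytes"] / life


def classify_sources(packets, permitted):
    """Label each (source IP, source MAC) pair against the permitted list."""
    verdicts = {}
    for p in packets:
        entry = permitted.get(p.src_ip)
        if entry is None:
            verdict = "not permitted"      # unknown IP: candidate intruder
        elif entry[0].lower() != p.src_mac:
            verdict = "MAC mismatch"       # permitted IP used by another adapter
        else:
            verdict = "permitted"
        verdicts[(p.src_ip, p.src_mac)] = verdict
    return verdicts


if __name__ == "__main__":
    packets, rejected = parse_capture(SAMPLE_CAPTURE)
    for key, flow in aggregate_flows(packets).items():
        pps, bps = flow_rates(flow)
        print(key, flow["packets"], flow["bytes"], f"{pps:.2f} pkt/s", f"{bps:.0f} B/s")
    for source, verdict in classify_sources(packets, PERMITTED).items():
        print(source, verdict)
    print("rejected lines:", rejected)
```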

Table 1 illustrates the details of the packets captured by the Honeypot server. The second column shows the packet size captured at various instants of time. The details of the packets received by the server from all connected clients, such as Source IP, Destination IP, Source port and Destination port, are tabulated.

Table 1 Details of the sample packets captured by the Honeypot server.
Columns: No, Size, Source (S) IP, Destination (D) IP, S Port, D Port, Time

Figure 3 Packets from Permitted IP
Figure 4 Packets from Permitted IP
Figure 5 Packets from Permitted IP
Figure 6 Packets from Permitted IP

3.4 Experiment 2 - To Simulate and Detect DoS Attack

In this experiment a DoS attack is detected using the experimental set-up shown in Figure 7. Figure 8 shows packets generated from the update5wireless_client client and sent to the honeypot server as an invalid stream. Figure 9 shows a graph of the packets transmitted from update5wireless_client over a period of time. Figure 9 and Figure 6 are compared, and the graph shows very large packets received from update5wireless_client compared to the packets received from the update client over a period of time. This graphically represents attack packets sent from update5wireless_client to the honeypot server.

Figure 7 DoS Attack Experimental Set-up

Figure 8 Packets from update5wireless_client
Figure 9 Packets from DoS attacking IP

3.5 Experiment 3 - To Simulate and Detect Mis-Associated IPs from the Neighboring Premises

In this experiment a Wi-Fi threat in a network with no Wi-Fi is detected. For mis-associated IPs from neighboring premises, an experimental set-up is created as shown in Figure 10. Figure 10 illustrates an attack that lures multiple laptops into mis-associating. Even if there are no IEEE APs, most laptops have IEEE cards, and the laptop radio is configured by default to associate automatically with the strongest signal from a list of SSIDs. Hackers simply sit outside the building with an AP configured to a common SSID and wait for a number of laptops to connect. Table 2 classifies the permitted IPs and mis-associated IPs.

Figure 10 Experimental Set-up for Wi-Fi Threats

Table 2 Permitted and Mis-Associated IPs
Columns: No., IP Address, MAC ADDRESS, SYSTEM NAME, PERMISSION
:A0:B0:00:0D:FF  Update
:E0:20:72:36:27  Update
:E0:20:75:31:42  Update1
:12:F0:09:55:C9  Honeypot_Server
Not Permitted:
:17:9A:77:FC:E5  Update6_wireless

3.6 Experiment 4 - To Simulate and Detect a Rogue AP

In this experiment a Wi-Fi threat in a network with no Wi-Fi is detected. For detecting a Rogue AP, an experimental set-up is created as shown in Figure 11. A Rogue AP is detected and automatically classified against the permitted IPs. Even if there is no IEEE AP, hackers, through known or unknown sources, place Rogue IEEE APs in the Enterprise premises, get connected to the Enterprise Network and attack the laptops which have IEEE cards. Hackers simply sit outside the building and attack the Enterprise Network. Table 3 shows the intruder IP connected to the Enterprise Network.

The WPAT is used to find the unknown IP address, as shown in Tables 4 and 5. A database is maintained which contains all the IP addresses that have been previously traversed.

Table 4 WPAT Output
Columns: TYPE, SIZE, SOURCE IP, DESTINATION IP
TCP
TCP
TCP
TCP

Table 5 New IP Addresses

Figure 11 Experimental Set-up to Prevent Rogue AP and Threats

Table 3 Intruder IPs Connected to Enterprise Network
Columns: Source IP, Source MAC, Dest IP, Date, Time

4 TRACING CYBER ATTACKS BY THE IP TRACEBACK TOOL

IP traceback may identify attack sources. However, IP traceback itself is not a detection or defense scheme. Integrating IP traceback with other functions such as detection and defense is the topic of interest experimented with in this IP Traceback tool.

4.1 Finding the New IP Address

This module finds the new IP address whose route has to be traced. The sniffer output is used in this module. The sniffer is used to sniff both data packets and control packets. Control packets do not contain any information and hence their size is small, while data packets contain some data and have a large size (say greater than 100 bytes). For example, while downloading a web page or files from, say, yahoo.com or google.com, the host system may request information. In that case the web server may send the packet to the host system that requested it. Thus the web server becomes the source and the host system requesting the packet becomes the destination.

4.2 Tracing the Route of the New IP Address

This module traces the route of the new IP address. The route contains the number of hops, the time in milliseconds and the IP addresses of the intermediate routers. Traceroute displays all the routers through which data packets pass on the way from the source system to the destination system. However, the path displayed by Traceroute from the same source to the same destination may or may not vary between two different sessions.
The operations performed during the tracing process are depicted as a flowchart in Figure 12, and a block diagram of the traceroute concept is shown in Figure 13. In the first step, the traceroute command creates a packet with a TTL value of 1 and sends it to the destination system. The first router on the way from the source system to the destination system will discard the data packet, as the TTL value of this received data packet is 1. In addition, this first router will also send back a "Time exceeded" error message to the source system. This Time exceeded error message, received by the source system, has the IP address of the first router as its source IP address. As a result, the traceroute running on the source system learns the IP address of the first router. In this way, the traceroute command identifies the address of the first router on the path to the destination system and displays it on the screen.

[Flowchart boxes: Start; Socket Initialize; Ttl=1; If Ttl <= 255; Send UDP; If Router = Destination; Decrement ttl; If ipo.ttl=0; Send ICMP; Print Router IP; ipo.ttl++; Print Trace Route Complete; Socket Cleanup; Stop]
Figure 12 Flowchart for Traceroute

Similarly, in the next step, traceroute sends a data packet with a TTL value of 2 to the destination system. The first router receiving this data packet will decrement the TTL value of the packet by 1 and then forward the packet to the second router on the path to the destination system. This second router will, in turn, discard this packet and send back a "Time Exceeded" error message to the source system, revealing its IP address. This process of sending packets with increasing TTL values is carried out until the data packet has a TTL value high enough to make sure that it reaches the destination system.

Figure 13 Block Diagram of Traceroute Concept

When the TTL value is high enough for the data packet to reach the destination system, its TTL value will have been decremented to 1 by the time the data packet reaches its destination. However, even though the destination system receives a data packet having a TTL value of 1, it will not discard the packet, because the destination has been reached. Since the destination system does not discard the data packet that it receives, it does not generate a Time exceeded error message. As a result, since no "Time Exceeded" error message is generated, the source system does not have any way by which it can ensure that the destination system has been reached. Hence, all new IP addresses are traced, and if there is any intruder, it is considered a new IP address and its route is also traced. Thus the intruder is traced.

4.3 Graphical Representation

The output shown in Table 6 is the route of the new IP address, which is used for drawing the graph. Table 6 contains fields such as the number of hops, the time taken by each hop and the IP addresses of the intermediate routers.

Table 6 Traceroute Table
NO. OF HOPS   TIME TAKEN   INTERMEDIATE ROUTERS
Hop 1         38 ms
Hop 2         45 ms
Hop 3         46 ms
Hop 4         46 ms
Hop 5         62 ms
Hop           ms
Hop           ms
Hop           ms
Hop           ms
Hop           ms
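The TTL probing of section 4.2, producing rows in the shape of Table 6, as an added example (not the authors' tool): it runs against a constructed in-memory path instead of a live network, so every address and delay below is made up. The ICMP port-unreachable reply used to recognise the destination, and the check that each ICMP error quotes the probe that was actually sent, are standard UDP traceroute behaviour added here and not taken from the paper.

```python
import socket
import struct

ICMP_TIME_EXCEEDED = 11   # sent by a router that drops a packet whose TTL ran out
ICMP_DEST_UNREACH = 3     # with code 3 (port unreachable) it marks the destination
PORT_UNREACH = 3
BASE_PORT = 33434         # conventional UDP traceroute base port


def ipv4_header(src, dst, ttl, proto, payload_len):
    """20-byte IPv4 header; checksum left at 0 because nothing here verifies it."""
    return struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + payload_len, 0, 0,
                       ttl, proto, 0, socket.inet_aton(src), socket.inet_aton(dst))


def udp_probe(src, dst, ttl, dport):
    """UDP probe with the given TTL; dport identifies the probe in the ICMP reply."""
    udp = struct.pack("!HHHH", 50000, dport, 8, 0)
    return ipv4_header(src, dst, ttl, 17, len(udp)) + udp


def icmp_error(sender, probe, icmp_type, code):
    """ICMP error from `sender`, quoting the probe's IP header plus 8 UDP bytes."""
    body = struct.pack("!BBHI", icmp_type, code, 0, 0) + probe[:28]
    origin = socket.inet_ntoa(probe[12:16])
    return ipv4_header(sender, origin, 64, 1, len(body)) + body


class SimulatedPath:
    """Constructed network: routers as (ip, rtt_ms, answers) plus a destination."""

    def __init__(self, routers, dest, dest_rtt_ms):
        self.routers, self.dest, self.dest_rtt_ms = routers, dest, dest_rtt_ms

    def send(self, probe):
        """Forward the probe hop by hop; return (reply bytes or None, rtt_ms)."""
        ttl = probe[8]
        for router_ip, rtt_ms, answers in self.routers:
            ttl -= 1                       # every router decrements the TTL
            if ttl == 0:                   # expired here: drop and report back
                if not answers:
                    return None, None      # router stays silent: probe times out
                return icmp_error(router_ip, probe, ICMP_TIME_EXCEEDED, 0), rtt_ms
        # TTL outlived every router: the destination answers port unreachable
        reply = icmp_error(self.dest, probe, ICMP_DEST_UNREACH, PORT_UNREACH)
        return reply, self.dest_rtt_ms


def parse_icmp_reply(packet, expect_dst, expect_port):
    """Return (sender_ip, type, code) if the ICMP error quotes our probe, else None."""
    ihl = (packet[0] & 0x0F) * 4
    if len(packet) < ihl + 8 + 28 or packet[9] != 1:
        return None
    icmp_type, code = packet[ihl], packet[ihl + 1]
    quoted = packet[ihl + 8:]
    q_ihl = (quoted[0] & 0x0F) * 4
    if len(quoted) < q_ihl + 8:
        return None
    q_dst = socket.inet_ntoa(quoted[16:20])
    (q_dport,) = struct.unpack("!H", quoted[q_ihl + 2:q_ihl + 4])
    if q_dst != expect_dst or q_dport != expect_port:
        return None                        # unrelated or forged ICMP: ignore it
    return socket.inet_ntoa(packet[12:16]), icmp_type, code


def trace(path, src, dst, max_ttl=255):
    """Return [(hop, rtt_ms, router_ip)]; silent hops appear as (hop, None, None)."""
    hops = []
    for ttl in range(1, max_ttl + 1):
        port = BASE_PORT + ttl
        reply, rtt_ms = path.send(udp_probe(src, dst, ttl, port))
        parsed = parse_icmp_reply(reply, dst, port) if reply else None
        if parsed is None:
            hops.append((ttl, None, None))
            continue
        sender, icmp_type, code = parsed
        hops.append((ttl, rtt_ms, sender))
        if icmp_type == ICMP_DEST_UNREACH and code == PORT_UNREACH:
            break                          # destination reached: trace complete
    return hops


# Constructed sample path (documentation address ranges, made-up delays).
SAMPLE_PATH = SimulatedPath(
    routers=[("192.0.2.1", 38, True), ("198.51.100.7", 45, True),
             ("198.51.100.9", 0, False), ("203.0.113.1", 46, True)],
    dest="203.0.113.50", dest_rtt_ms=62)

if __name__ == "__main__":
    for hop, rtt_ms, router in trace(SAMPLE_PATH, "192.0.2.10", "203.0.113.50"):
        print(f"Hop {hop}", f"{rtt_ms} ms" if router else "*", router or "")
```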

The route traced by the Traceroute tool is enhanced by the graphical representation shown in Figure 14. The hops are plotted against the time in milliseconds.

Figure 14 Traceroute graph (plot title: Traceroute Graph; x-axis: Hops; y-axis: Time - ms)

5 CONCLUSION

The various experimental results show that the proposed post-processing tool can measure the packets flowing across an enterprise network on-the-fly while taking wireless threats into account. A specific approach is therefore undertaken to present a new experimental set-up for the precise measurement of packets across an enterprise network, with or without Wi-Fi, using a sniffer and WPAT. WPAT using an IP Traceback tool is more effective: when any new IP address appears and that address is not available in the database, its route is traced back. Thus, when an intruder attacks with an IP address that is not available in the database, that IP address is also considered a new IP and its route is traced. The IP Traceback tool is enabled in real time, and this tool, based on the ICMP concept, proves to be efficient.

6 REFERENCES

[1] M. Sung and J. Xu: IP Traceback-based Intelligent Packet Filtering: A Novel Technique for Defending Against Internet DDoS Attacks, IEEE Transactions on Parallel and Distributed System, Vol. 14, No. 9, pp (2003).
[2] Y. Tseng, H. Chen and Hsieh W: Probabilistic Packet Marking with Non-Preemptive Compensation, IEEE Communications Letters, Vol. 8, No. 6, pp (2004).
[3] D. Wei and N. Ansari: Implementing IP Traceback in the Internet - An ISP Perspective, Proceedings of 3rd Annual IEEE Workshop on Information Assurance, West Point, New York, pp (2002).
[4] A.C. Snoeren, C. Partridge, L.A. Sanchez, C.E. Jones, F. Tchakountio, B. Schwartz, S.T. Kent and W.T. Strayer: Single Packet IP Traceback, IEEE/ACM Transactions on Networking, Vol. 10, pp (2002).
[5] A.C. Snoeren, C. Partridge, L.A. Sanchez, C.E. Jones, S.T. Kent, F. Tchakountio and W.T. Strayer: Hash-Based IP Traceback, Proceedings of ACM Conference on Applications, Technologies, Architectures, and Protocols for Computer Communication, San Diego, California, USA (2001).
[6] K. Park and H. Lee: On the Effectiveness of Probabilistic Packet Marking for IP Traceback under DoS Attack, Proceedings of 20th Annual Joint Conference of the IEEE Computer and Communication Society, Vol. 1, pp (2001).
[7] A. Mankin, D. Massey, Chien-Lung Wu, S.F. Wu and Lixia Zhang: On Design and Evaluation of 'Intention-driven' ICMP Traceback, Proceedings of 10th International Conference on Computer Communication and Networks, Scottsdale, USA, pp (2001).
[8] J. Li, M. Sung, J. Xu and L. Li: Large-Scale IP Traceback in High-Speed Internet: Practical Techniques and Theoretical Foundation, Proceedings of IEEE Symposium on Security and Privacy, Oakland, California, pp (2004).
[9] C. Gong and K. Sarac: IP Traceback based on Packet Marking and Logging, Proceedings of IEEE International Conference on Communication, Vol. 2, pp (2005).
[10] M.T. Goodrich: Probabilistic Packet Marking for Large-Scale IP Traceback, IEEE/ACM Transactions on Networking, Vol. 16, No. 1, pp (2008).
[11] Z. Gao and N. Ansari: Tracing Cyber Attacks from the Practical Perspective, IEEE Communications Magazine, Vol. 43, No. 5, pp (2005).
[12] A. Belenky and N. Ansari: On IP Traceback, IEEE Communications Magazine, Vol. 41, No. 7, pp (2003).
[13] A. Belenky and N. Ansari: Tracing Multiple Attackers with Deterministic Packet Marking (DPM), Proceedings of IEEE Pacific Rim Conference Communication, Computer and Signal Processing, Victoria BC, Canada, pp (2003).
[14] A. Belenky and N. Ansari: IP Traceback with Deterministic Packet Marking, IEEE Communications Letters, Vol. 7, No. 4, pp (2003).
[15] C. Beak, J.A. Chaudhry, K. Lee, S. Park and M. Kim: A Novel Packet Marketing Method in DDoS Attack Detection, Proceedings of American Journal of Applied Sciences, Vol. 4, No. 10, pp (2007).
[16] Brajesh Pande: Network Monitoring Tool, Computer Society of India, Communications, November 2006, pp (2006).
[17] B. Pande, D. Gupta, D. Sanghi and S.K. Jain: The Network Monitoring Tool Pick Packet, Proceedings of 3rd International Conference on Information Technology and Applications, Vol. 2, pp (2005).
[18] P. Stephen, J. Smith and Allen Crider: Independent Review of the Carnivore System, Final Report, IIT Research Institute, Lanham, Maryland (2000).

H.A. Rauf received the Bachelor's Degree in Electrical and Electronics Engineering in He completed his Master's degree in Business Administration (M.B.A) in the year 1996 and his Master's degree in Computer Science and Engineering in the year 1999. He is currently a PhD candidate in the faculty of Information and Communication Engineering, Anna University of Chennai. His research interests include mobile computing, Computer Networks, Network Security, Advanced Networks and Performance Evaluation of Computer Networks. He is currently the Dean (CSE/IT), V.L.B. Janakiammal College of Engineering & Technology, Coimbatore, India.

Dr. Ebenezer Jeyakumar is currently the Principal of Government College of Engineering, Salem, India. Being an eminent professor of Anna University, he has many students doing their research under his guidance in various fields. Some of his main areas of research are Networking, mobile computing, high voltage engineering and other related areas.


More information

Netflow Collection with AlienVault Alienvault 2013

Netflow Collection with AlienVault Alienvault 2013 Netflow Collection with AlienVault Alienvault 2013 CONFIGURE Configuring NetFlow Capture of TCP/IP Traffic from an AlienVault Sensor or Remote Hardware Level: Beginner to Intermediate Netflow Collection

More information

Case Study: Instrumenting a Network for NetFlow Security Visualization Tools

Case Study: Instrumenting a Network for NetFlow Security Visualization Tools Case Study: Instrumenting a Network for NetFlow Security Visualization Tools William Yurcik* Yifan Li SIFT Research Group National Center for Supercomputing Applications (NCSA) University of Illinois at

More information

Intrusion Detection Systems (IDS)

Intrusion Detection Systems (IDS) Intrusion Detection Systems (IDS) What are They and How do They Work? By Wayne T Work Security Gauntlet Consulting 56 Applewood Lane Naugatuck, CT 06770 203.217.5004 Page 1 6/12/2003 1. Introduction Intrusion

More information

Building Secure Network Infrastructure For LANs

Building Secure Network Infrastructure For LANs Building Secure Network Infrastructure For LANs Yeung, K., Hau; and Leung, T., Chuen Abstract This paper discusses the building of secure network infrastructure for local area networks. It first gives

More information

Analysis of IP Network for different Quality of Service

Analysis of IP Network for different Quality of Service 2009 International Symposium on Computing, Communication, and Control (ISCCC 2009) Proc.of CSIT vol.1 (2011) (2011) IACSIT Press, Singapore Analysis of IP Network for different Quality of Service Ajith

More information

NSC 93-2213-E-110-045

NSC 93-2213-E-110-045 NSC93-2213-E-110-045 2004 8 1 2005 731 94 830 Introduction 1 Nowadays the Internet has become an important part of people s daily life. People receive emails, surf the web sites, and chat with friends

More information

Improving the Performance of TCP Using Window Adjustment Procedure and Bandwidth Estimation

Improving the Performance of TCP Using Window Adjustment Procedure and Bandwidth Estimation Improving the Performance of TCP Using Window Adjustment Procedure and Bandwidth Estimation R.Navaneethakrishnan Assistant Professor (SG) Bharathiyar College of Engineering and Technology, Karaikal, India.

More information

Provider-Based Deterministic Packet Marking against Distributed DoS Attacks

Provider-Based Deterministic Packet Marking against Distributed DoS Attacks Provider-Based Deterministic Packet Marking against Distributed DoS Attacks Vasilios A. Siris and Ilias Stavrakis Institute of Computer Science, Foundation for Research and Technology - Hellas (FORTH)

More information

Introduction to Passive Network Traffic Monitoring

Introduction to Passive Network Traffic Monitoring Introduction to Passive Network Traffic Monitoring CS459 ~ Internet Measurements Spring 2015 Despoina Antonakaki antonakd@csd.uoc.gr Active Monitoring Inject test packets into the network or send packets

More information

International Journal of Emerging Technologies in Computational and Applied Sciences (IJETCAS) www.iasir.net

International Journal of Emerging Technologies in Computational and Applied Sciences (IJETCAS) www.iasir.net International Association of Scientific Innovation and Research (IASIR) (An Association Unifying the Sciences, Engineering, and Applied Research) International Journal of Emerging Technologies in Computational

More information

Avaya ExpertNet Lite Assessment Tool

Avaya ExpertNet Lite Assessment Tool IP Telephony Contact Centers Mobility Services WHITE PAPER Avaya ExpertNet Lite Assessment Tool April 2005 avaya.com Table of Contents Overview... 1 Network Impact... 2 Network Paths... 2 Path Generation...

More information

Firewalls. Ahmad Almulhem March 10, 2012

Firewalls. Ahmad Almulhem March 10, 2012 Firewalls Ahmad Almulhem March 10, 2012 1 Outline Firewalls The Need for Firewalls Firewall Characteristics Types of Firewalls Firewall Basing Firewall Configurations Firewall Policies and Anomalies 2

More information

Internet Firewall CSIS 4222. Packet Filtering. Internet Firewall. Examples. Spring 2011 CSIS 4222. net15 1. Routers can implement packet filtering

Internet Firewall CSIS 4222. Packet Filtering. Internet Firewall. Examples. Spring 2011 CSIS 4222. net15 1. Routers can implement packet filtering Internet Firewall CSIS 4222 A combination of hardware and software that isolates an organization s internal network from the Internet at large Ch 27: Internet Routing Ch 30: Packet filtering & firewalls

More information

When Recognition Matters THE COMPARISON OF PROGRAMS FOR NETWORK MONITORING. www.pecb.com

When Recognition Matters THE COMPARISON OF PROGRAMS FOR NETWORK MONITORING. www.pecb.com When Recognition Matters THE COMPARISON OF PROGRAMS FOR NETWORK MONITORING www.pecb.com Imagine a working environment comprised of a number of switches, routers, some terminals and file servers. Network

More information

Countermeasure for Detection of Honeypot Deployment

Countermeasure for Detection of Honeypot Deployment Proceedings of the International Conference on Computer and Communication Engineering 2008 May 13-15, 2008 Kuala Lumpur, Malaysia Countermeasure for Detection of Honeypot Deployment Lai-Ming Shiue 1, Shang-Juh

More information

Intrusion Detection System Based Network Using SNORT Signatures And WINPCAP

Intrusion Detection System Based Network Using SNORT Signatures And WINPCAP Intrusion Detection System Based Network Using SNORT Signatures And WINPCAP Aakanksha Vijay M.tech, Department of Computer Science Suresh Gyan Vihar University Jaipur, India Mrs Savita Shiwani Head Of

More information

Secure Networks for Process Control

Secure Networks for Process Control Secure Networks for Process Control Leveraging a Simple Yet Effective Policy Framework to Secure the Modern Process Control Network An Enterasys Networks White Paper There is nothing more important than

More information

Question: 3 When using Application Intelligence, Server Time may be defined as.

Question: 3 When using Application Intelligence, Server Time may be defined as. 1 Network General - 1T6-521 Application Performance Analysis and Troubleshooting Question: 1 One component in an application turn is. A. Server response time B. Network process time C. Application response

More information

Firewalls. Ola Flygt Växjö University, Sweden http://w3.msi.vxu.se/users/ofl/ Ola.Flygt@vxu.se +46 470 70 86 49. Firewall Design Principles

Firewalls. Ola Flygt Växjö University, Sweden http://w3.msi.vxu.se/users/ofl/ Ola.Flygt@vxu.se +46 470 70 86 49. Firewall Design Principles Firewalls Ola Flygt Växjö University, Sweden http://w3.msi.vxu.se/users/ofl/ Ola.Flygt@vxu.se +46 470 70 86 49 1 Firewall Design Principles Firewall Characteristics Types of Firewalls Firewall Configurations

More information

CISCO INFORMATION TECHNOLOGY AT WORK CASE STUDY: CISCO IOS NETFLOW TECHNOLOGY

CISCO INFORMATION TECHNOLOGY AT WORK CASE STUDY: CISCO IOS NETFLOW TECHNOLOGY CISCO INFORMATION TECHNOLOGY AT WORK CASE STUDY: CISCO IOS NETFLOW TECHNOLOGY CISCO INFORMATION TECHNOLOGY SEPTEMBER 2004 1 Overview Challenge To troubleshoot capacity and quality problems and to understand

More information

A VoIP Traffic Monitoring System based on NetFlow v9

A VoIP Traffic Monitoring System based on NetFlow v9 A VoIP Traffic Monitoring System based on NetFlow v9 Chang-Yong Lee *1, Hwan-Kuk Kim, Kyoung-Hee Ko, Jeong-Wook Kim, Hyun- Cheol Jeong Korea Information Security Agency, Seoul, Korea {chylee, rinyfeel,

More information

Application-Centric Analysis Helps Maximize the Value of Wireshark

Application-Centric Analysis Helps Maximize the Value of Wireshark Application-Centric Analysis Helps Maximize the Value of Wireshark The cost of freeware Protocol analysis has long been viewed as the last line of defense when it comes to resolving nagging network and

More information

Firewalls and Intrusion Detection

Firewalls and Intrusion Detection Firewalls and Intrusion Detection What is a Firewall? A computer system between the internal network and the rest of the Internet A single computer or a set of computers that cooperate to perform the firewall

More information

Network Based Intrusion Detection Using Honey pot Deception

Network Based Intrusion Detection Using Honey pot Deception Network Based Intrusion Detection Using Honey pot Deception Dr.K.V.Kulhalli, S.R.Khot Department of Electronics and Communication Engineering D.Y.Patil College of Engg.& technology, Kolhapur,Maharashtra,India.

More information

Strategies to Protect Against Distributed Denial of Service (DD

Strategies to Protect Against Distributed Denial of Service (DD Strategies to Protect Against Distributed Denial of Service (DD Table of Contents Strategies to Protect Against Distributed Denial of Service (DDoS) Attacks...1 Introduction...1 Understanding the Basics

More information

Application of Netflow logs in Analysis and Detection of DDoS Attacks

Application of Netflow logs in Analysis and Detection of DDoS Attacks International Journal of Computer and Internet Security. ISSN 0974-2247 Volume 8, Number 1 (2016), pp. 1-8 International Research Publication House http://www.irphouse.com Application of Netflow logs in

More information

Internet Protocol: IP packet headers. vendredi 18 octobre 13

Internet Protocol: IP packet headers. vendredi 18 octobre 13 Internet Protocol: IP packet headers 1 IPv4 header V L TOS Total Length Identification F Frag TTL Proto Checksum Options Source address Destination address Data (payload) Padding V: Version (IPv4 ; IPv6)

More information

CS 356 Lecture 16 Denial of Service. Spring 2013

CS 356 Lecture 16 Denial of Service. Spring 2013 CS 356 Lecture 16 Denial of Service Spring 2013 Review Chapter 1: Basic Concepts and Terminology Chapter 2: Basic Cryptographic Tools Chapter 3 User Authentication Chapter 4 Access Control Lists Chapter

More information

Entropy-Based Collaborative Detection of DDoS Attacks on Community Networks

Entropy-Based Collaborative Detection of DDoS Attacks on Community Networks Entropy-Based Collaborative Detection of DDoS Attacks on Community Networks Krishnamoorthy.D 1, Dr.S.Thirunirai Senthil, Ph.D 2 1 PG student of M.Tech Computer Science and Engineering, PRIST University,

More information

Intrusion Detection, Packet Sniffing

Intrusion Detection, Packet Sniffing Intrusion Detection, Packet Sniffing By : Eng. Ayman Amaireh Supervisor :Dr.: Lo'ai Tawalbeh New York Institute of Technology (NYIT)- Jordan s s campus-2006 12/2/2006 eng Ayman 1 What is a "packet sniffer"?

More information

Intrusion Forecasting Framework for Early Warning System against Cyber Attack

Intrusion Forecasting Framework for Early Warning System against Cyber Attack Intrusion Forecasting Framework for Early Warning System against Cyber Attack Sehun Kim KAIST, Korea Honorary President of KIISC Contents 1 Recent Cyber Attacks 2 Early Warning System 3 Intrusion Forecasting

More information

Denial of Service. Tom Chen SMU tchen@engr.smu.edu

Denial of Service. Tom Chen SMU tchen@engr.smu.edu Denial of Service Tom Chen SMU tchen@engr.smu.edu Outline Introduction Basics of DoS Distributed DoS (DDoS) Defenses Tracing Attacks TC/BUPT/8704 SMU Engineering p. 2 Introduction What is DoS? 4 types

More information

Comprehensive Network Security Approach: Security Breaches at Retail company- A Case Study

Comprehensive Network Security Approach: Security Breaches at Retail company- A Case Study IJCSNS International Journal of Computer Science and Network Security, VOL.12 No.8, August 2012 107 Comprehensive Network Security Approach: Security Breaches at Retail company- A Case Study Mehdi Jahanirad,

More information

CHAPETR 3. DISTRIBUTED DEPLOYMENT OF DDoS DEFENSE SYSTEM

CHAPETR 3. DISTRIBUTED DEPLOYMENT OF DDoS DEFENSE SYSTEM 59 CHAPETR 3 DISTRIBUTED DEPLOYMENT OF DDoS DEFENSE SYSTEM 3.1. INTRODUCTION The last decade has seen many prominent DDoS attack on high profile webservers. In order to provide an effective defense against

More information

NEW TECHNIQUES FOR THE DETECTION AND TRACKING OF THE DDOS ATTACKS

NEW TECHNIQUES FOR THE DETECTION AND TRACKING OF THE DDOS ATTACKS NEW TECHNIQUES FOR THE DETECTION AND TRACKING OF THE DDOS ATTACKS Iustin PRIESCU, PhD Titu Maiorescu University, Bucharest Sebastian NICOLAESCU, PhD Verizon Business, New York, USA Rodica NEAGU, MBA Outpost24,

More information

Networks: IP and TCP. Internet Protocol

Networks: IP and TCP. Internet Protocol Networks: IP and TCP 11/1/2010 Networks: IP and TCP 1 Internet Protocol Connectionless Each packet is transported independently from other packets Unreliable Delivery on a best effort basis No acknowledgments

More information

Best Practices for Securing IP Telephony

Best Practices for Securing IP Telephony Best Practices for Securing IP Telephony Irwin Lazar, CISSP Senior Analyst Burton Group Agenda VoIP overview VoIP risks Mitigation strategies Recommendations VoIP Overview Hosted by VoIP Functional Diagram

More information

The flow back tracing and DDoS defense mechanism of the TWAREN defender cloud

The flow back tracing and DDoS defense mechanism of the TWAREN defender cloud Proceedings of the APAN Network Research Workshop 2013 The flow back tracing and DDoS defense mechanism of the TWAREN defender cloud Ming-Chang Liang 1, *, Meng-Jang Lin 2, Li-Chi Ku 3, Tsung-Han Lu 4,

More information

Transport and Network Layer

Transport and Network Layer Transport and Network Layer 1 Introduction Responsible for moving messages from end-to-end in a network Closely tied together TCP/IP: most commonly used protocol o Used in Internet o Compatible with a

More information

HONEYD (OPEN SOURCE HONEYPOT SOFTWARE)

HONEYD (OPEN SOURCE HONEYPOT SOFTWARE) HONEYD (OPEN SOURCE HONEYPOT SOFTWARE) Author: Avinash Singh Avinash Singh is a Technical Evangelist currently worksing at Appin Technology Lab, Noida. Educational Qualification: B.Tech from Punjab Technical

More information

Federal Computer Incident Response Center (FedCIRC) Defense Tactics for Distributed Denial of Service Attacks

Federal Computer Incident Response Center (FedCIRC) Defense Tactics for Distributed Denial of Service Attacks Threat Paper Federal Computer Incident Response Center (FedCIRC) Defense Tactics for Distributed Denial of Service Attacks Federal Computer Incident Response Center 7 th and D Streets S.W. Room 5060 Washington,

More information

Traffic Monitoring using sflow

Traffic Monitoring using sflow Making the Network Visible www.sflow.org Traffic Monitoring using sflow With the ever-increasing reliance on network services for business critical applications, the smallest change in network usage can

More information

An IP Trace back System to Find the Real Source of Attacks

An IP Trace back System to Find the Real Source of Attacks An IP Trace back System to Find the Real Source of Attacks A.Parvathi and G.L.N.JayaPradha M.Tech Student,Narasaraopeta Engg College, Narasaraopeta,Guntur(Dt),A.P. Asso.Prof & HOD,Dept of I.T,,Narasaraopeta

More information

Establishing a valuable method of packet capture and packet analyzer tools in firewall

Establishing a valuable method of packet capture and packet analyzer tools in firewall International Journal of Research Studies in Computing 2012 April, Volume 1 Number 1, 11-20 Establishing a valuable method of packet capture and packet analyzer tools in firewall Kumar, P. Senthil Nandha

More information

Flow Analysis. Make A Right Policy for Your Network. GenieNRM

Flow Analysis. Make A Right Policy for Your Network. GenieNRM Flow Analysis Make A Right Policy for Your Network GenieNRM Why Flow Analysis? Resolve Network Managers Challenge as follow: How can I know the Detail and Real-Time situation of my network? How can I do

More information

A Catechistic Method for Traffic Pattern Discovery in MANET

A Catechistic Method for Traffic Pattern Discovery in MANET A Catechistic Method for Traffic Pattern Discovery in MANET R. Saranya 1, R. Santhosh 2 1 PG Scholar, Computer Science and Engineering, Karpagam University, Coimbatore. 2 Assistant Professor, Computer

More information

Using IPM to Measure Network Performance

Using IPM to Measure Network Performance CHAPTER 3 Using IPM to Measure Network Performance This chapter provides details on using IPM to measure latency, jitter, availability, packet loss, and errors. It includes the following sections: Measuring

More information

Integrated Traffic Monitoring

Integrated Traffic Monitoring 61202880L1-29.1F November 2009 Configuration Guide This configuration guide describes integrated traffic monitoring (ITM) and its use on ADTRAN Operating System (AOS) products. Including an overview of

More information

Cisco Application Networking for BEA WebLogic

Cisco Application Networking for BEA WebLogic Cisco Application Networking for BEA WebLogic Faster Downloads and Site Navigation, Less Bandwidth and Server Processing, and Greater Availability for Global Deployments What You Will Learn To address

More information

Efficient Detection of Ddos Attacks by Entropy Variation

Efficient Detection of Ddos Attacks by Entropy Variation IOSR Journal of Computer Engineering (IOSRJCE) ISSN: 2278-0661, ISBN: 2278-8727 Volume 7, Issue 1 (Nov-Dec. 2012), PP 13-18 Efficient Detection of Ddos Attacks by Entropy Variation 1 V.Sus hma R eddy,

More information

EKT 332/4 COMPUTER NETWORK

EKT 332/4 COMPUTER NETWORK UNIVERSITI MALAYSIA PERLIS SCHOOL OF COMPUTER & COMMUNICATIONS ENGINEERING EKT 332/4 COMPUTER NETWORK LABORATORY MODULE LAB 2 NETWORK PROTOCOL ANALYZER (SNIFFING AND IDENTIFY PROTOCOL USED IN LIVE NETWORK)

More information

Security Technology White Paper

Security Technology White Paper Security Technology White Paper Issue 01 Date 2012-10-30 HUAWEI TECHNOLOGIES CO., LTD. 2012. All rights reserved. No part of this document may be reproduced or transmitted in any form or by any means without

More information

Course Title: Penetration Testing: Security Analysis

Course Title: Penetration Testing: Security Analysis Course Title: Penetration Testing: Security Analysis Page 1 of 9 Course Description: The Security Analyst Series from EC-Council Press is comprised of five books covering a broad base of topics in advanced

More information

Analysis of Traceback Techniques

Analysis of Traceback Techniques Analysis of Traceback Techniques Udaya Kiran Tupakula Vijay Varadharajan Information and Networked Systems Security Research Division of ICS, Macquarie University North Ryde, NSW-2109, Australia {udaya,

More information

Effect of Windows XP Firewall on Network Simulation and Testing

Effect of Windows XP Firewall on Network Simulation and Testing Issues in Informing Science and Information Technology Volume 4, 2007 Effect of Windows XP Firewall on Network Simulation and Testing Akram Al-Rawi College of CS & IT, King Faisal University, Al-Hassa,

More information

Lab VI Capturing and monitoring the network traffic

Lab VI Capturing and monitoring the network traffic Lab VI Capturing and monitoring the network traffic 1. Goals To gain general knowledge about the network analyzers and to understand their utility To learn how to use network traffic analyzer tools (Wireshark)

More information

CCNA Discovery 4.0.3.0 Networking for Homes and Small Businesses Student Packet Tracer Lab Manual

CCNA Discovery 4.0.3.0 Networking for Homes and Small Businesses Student Packet Tracer Lab Manual 4.0.3.0 Networking for Homes and Small Businesses Student Packet Tracer Lab Manual This document is exclusive property of Cisco Systems, Inc. Permission is granted to print and copy this document for non-commercial

More information

Analysis of IP Spoofed DDoS Attack by Cryptography

Analysis of IP Spoofed DDoS Attack by Cryptography www..org 13 Analysis of IP Spoofed DDoS Attack by Cryptography Dalip Kumar Research Scholar, Deptt. of Computer Science Engineering, Institute of Engineering and Technology, Alwar, India. Abstract Today,

More information

Zarząd (7 osób) F inanse (13 osób) M arketing (7 osób) S przedaż (16 osób) K adry (15 osób)

Zarząd (7 osób) F inanse (13 osób) M arketing (7 osób) S przedaż (16 osób) K adry (15 osób) QUESTION NO: 8 David, your TestKing trainee, asks you about basic characteristics of switches and hubs for network connectivity. What should you tell him? A. Switches take less time to process frames than

More information

co Characterizing and Tracing Packet Floods Using Cisco R

co Characterizing and Tracing Packet Floods Using Cisco R co Characterizing and Tracing Packet Floods Using Cisco R Table of Contents Characterizing and Tracing Packet Floods Using Cisco Routers...1 Introduction...1 Before You Begin...1 Conventions...1 Prerequisites...1

More information

WHITE PAPER. WEP Cloaking for Legacy Encryption Protection

WHITE PAPER. WEP Cloaking for Legacy Encryption Protection WHITE PAPER WEP Cloaking for Legacy TM Encryption Protection Introduction Wired Equivalent Privacy (WEP) is the encryption protocol defined in the original IEEE 802.11 standard for Wireless Local Area

More information

A TWO LEVEL ARCHITECTURE USING CONSENSUS METHOD FOR GLOBAL DECISION MAKING AGAINST DDoS ATTACKS

A TWO LEVEL ARCHITECTURE USING CONSENSUS METHOD FOR GLOBAL DECISION MAKING AGAINST DDoS ATTACKS ICTACT JOURNAL ON COMMUNICATION TECHNOLOGY, JUNE 2010, ISSUE: 02 A TWO LEVEL ARCHITECTURE USING CONSENSUS METHOD FOR GLOBAL DECISION MAKING AGAINST DDoS ATTACKS S.Seetha 1 and P.Raviraj 2 Department of

More information

TEIN2 Measurement and Monitoring Workshop. Bruce.Morgan@aarnet.edu.au

TEIN2 Measurement and Monitoring Workshop. Bruce.Morgan@aarnet.edu.au TEIN2 Measurement and Monitoring Workshop Bruce.Morgan@aarnet.edu.au Introduction Agenda TEIN2 Topology Network Monitoring Network Measurement Day 1 Session I: Introduction 09:00-09:30 Introduction to

More information

Gaining Operational Efficiencies with the Enterasys S-Series

Gaining Operational Efficiencies with the Enterasys S-Series Gaining Operational Efficiencies with the Enterasys S-Series Hi-Fidelity NetFlow There is nothing more important than our customers. Gaining Operational Efficiencies with the Enterasys S-Series Introduction

More information

Network Defense Tools

Network Defense Tools Network Defense Tools Prepared by Vanjara Ravikant Thakkarbhai Engineering College, Godhra-Tuwa +91-94291-77234 www.cebirds.in, www.facebook.com/cebirds ravikantvanjara@gmail.com What is Firewall? A firewall

More information

Network Performance Monitoring at Minimal Capex

Network Performance Monitoring at Minimal Capex Network Performance Monitoring at Minimal Capex Some Cisco IOS technologies you can use to create a high performance network Don Thomas Jacob Technical Marketing Engineer About ManageEngine Network Servers

More information

Edge Configuration Series Reporting Overview

Edge Configuration Series Reporting Overview Reporting Edge Configuration Series Reporting Overview The Reporting portion of the Edge appliance provides a number of enhanced network monitoring and reporting capabilities. WAN Reporting Provides detailed

More information

How To Use A Cisco Wvvvdns4400N Wireless-N Gigabit Security Router For Small Businesses

How To Use A Cisco Wvvvdns4400N Wireless-N Gigabit Security Router For Small Businesses Cisco WRVS4400N Wireless-N Gigabit Security Router Cisco Small Business Routers Highlights Secure, high-speed wireless network access for small business Gigabit Ethernet connections enable rapid transfer

More information

PROFESSIONAL SECURITY SYSTEMS

PROFESSIONAL SECURITY SYSTEMS PROFESSIONAL SECURITY SYSTEMS Security policy, active protection against network attacks and management of IDP Introduction Intrusion Detection and Prevention (IDP ) is a new generation of network security

More information

CSET 4750 Computer Networks and Data Communications (4 semester credit hours) CSET Required IT Required

CSET 4750 Computer Networks and Data Communications (4 semester credit hours) CSET Required IT Required CSET 4750 Computer Networks and Data Communications (4 semester credit hours) CSET Required IT Required Current Catalog Description: Computer network architectures and their application to industry needs.

More information

Internet Traffic Measurement

Internet Traffic Measurement Internet Traffic Measurement Internet Traffic Measurement Network Monitor Placement Measurement Analysis Tools Measurement Result Reporting Probing Mechanism Vantage Points Edge vs Core Hardware vs Software

More information

Assignment One. ITN534 Network Management. Title: Report on an Integrated Network Management Product (Solar winds 2001 Engineer s Edition)

Assignment One. ITN534 Network Management. Title: Report on an Integrated Network Management Product (Solar winds 2001 Engineer s Edition) Assignment One ITN534 Network Management Title: Report on an Integrated Network Management Product (Solar winds 2001 Engineer s Edition) Unit Co-coordinator, Mr. Neville Richter By, Vijayakrishnan Pasupathinathan

More information

Broadband Phone Gateway BPG510 Technical Users Guide

Broadband Phone Gateway BPG510 Technical Users Guide Broadband Phone Gateway BPG510 Technical Users Guide (Firmware version 0.14.1 and later) Revision 1.0 2006, 8x8 Inc. Table of Contents About your Broadband Phone Gateway (BPG510)... 4 Opening the BPG510's

More information

Wireless LAN Security: Securing Your Access Point

Wireless LAN Security: Securing Your Access Point IJCSNS International Journal of Computer Science and Network Security, VOL.6 No.5B, May 2006 173 Wireless LAN Security: Securing Your Access Point Sia Sie Tung, Nurul Nadia Ahmad, Tan Kim Geok Faculty

More information

packet retransmitting based on dynamic route table technology, as shown in fig. 2 and 3.

packet retransmitting based on dynamic route table technology, as shown in fig. 2 and 3. Implementation of an Emulation Environment for Large Scale Network Security Experiments Cui Yimin, Liu Li, Jin Qi, Kuang Xiaohui National Key Laboratory of Science and Technology on Information System

More information

CISCO IOS NETFLOW AND SECURITY

CISCO IOS NETFLOW AND SECURITY CISCO IOS NETFLOW AND SECURITY INTERNET TECHNOLOGIES DIVISION FEBRUARY 2005 1 Cisco IOS NetFlow NetFlow is a standard for acquiring IP network and operational data Benefits Understand the impact of network

More information

MN-700 Base Station Configuration Guide

MN-700 Base Station Configuration Guide MN-700 Base Station Configuration Guide Contents pen the Base Station Management Tool...3 Log ff the Base Station Management Tool...3 Navigate the Base Station Management Tool...4 Current Base Station

More information